Cybersecurity News


ESET Threat Report T 1 2022

A view of the T 1 2022 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts

The post ESET Threat Report T 1 2022 appeared first on WeLiveSecurity

02 June 2022

Scammers Target NFT Discord Channel

Scammers Target NFT Discord Channel Hackers escalate phishing and scamming attacks to exploit popular Discord bot and persuade users to click on the malicious links.
02 June 2022

International Authorities Take Down Flubot Malware Network

International Authorities Take Down Flubot Malware Network The info-stealing trojan used SMS messages and lifted contact credentials to spread with unprecedented speed across Android devices globally since December 2020.
02 June 2022

Being prepared for adversarial attacks

Being prepared for adversarial attacks There is no question that the level of threats facing today’s businesses continues to change on a daily basis. So what are the trends that CISOs need to be on the lookout for? For this episode of the Threatpost podcast, I am joined by Derek Manky, Chief Security Strategist & VP Global Threat Intelligence, Fortinet’s […]
02 June 2022

Microsoft Releases Workaround for ‘One-Click’ 0Day Under Active Attack

Microsoft Releases Workaround for ‘One-Click’ 0Day Under Active Attack Threat actors already are exploiting vulnerability, dubbed ‘Follina’ and originally identified back in April, to target organizations in Russia and Tibet, researchers said.
01 June 2022

Talking to children about the internet: A kid’s perspective

A 14-year-old shares his thoughts about technology and the potential privacy and security implications of the internet

The post Talking to children about the internet: A kid’s perspective appeared first on WeLiveSecurity

01 June 2022

Costa Rica May Be Pawn in Conti Ransomware Group’s Bid to Rebrand, Evade Sanctions

Costa Rica’s national health service was hacked sometime earlier this morning by a Russian ransomware group known as Hive. The intrusion comes just weeks after Costa Rican President Rodrigo Chaves declared a state of emergency in response to a data ransom attack from a different Russian ransomware gang — Conti. Ransomware experts say there is good reason to believe the same cybercriminals are behind both attacks, and that Hive has been helping Conti rebrand and evade international sanctions targeting extortion payouts to cybercriminals operating in Russia.
31 May 2022

EnemyBot Malware Targets Web Servers, CMS Tools and Android OS

EnemyBot Malware Targets Web Servers, CMS Tools and Android OS Malware borrows generously from code used by other botnets such as Mirai, Qbot and Zbot.
31 May 2022

ChromeLoader Browser Hijacker Provides Gateway to Bigger Threats

ChromeLoader Browser Hijacker Provides Gateway to Bigger Threats The malvertiser’s use of PowerShell could push it beyond its basic capabilities to spread ransomware, spyware or steal data from browser sessions, researchers warn.
31 May 2022

Zero-Day ‘Follina’ Bug Lays Older Microsoft Office Versions Open to Attack

Zero-Day ‘Follina’ Bug Lays Older Microsoft Office Versions Open to Attack Malware loads itself from remote servers and bypasses Microsoft's Defender AV scanner, according to reports.
30 May 2022

Keeping it real: Don’t fall for lies about the war

Falsehoods about the war in Ukraine come in all shapes and sizes – here are a few examples of what’s in the fake news

The post Keeping it real: Don’t fall for lies about the war appeared first on WeLiveSecurity

30 May 2022

Scams targeting NFT investors – Week in security with Tony Anscombe

As with everything digital, there's someone, somewhere devising a method to steal the assets away from their rightful owners

The post Scams targeting NFT investors – Week in security with Tony Anscombe appeared first on WeLiveSecurity

27 May 2022

Critical Flaws in Popular ICS Platform Can Trigger RCE

Critical Flaws in Popular ICS Platform Can Trigger RCE Cisco Talos discovered eight vulnerabilities in the Open Automation Software, two of them critical, that pose risk for critical infrastructure networks.
27 May 2022

Cybersecurity: A global problem that requires a global answer

New and exacerbated cyber-risks following Russia’s invasion of Ukraine are fueling a new urgency towards enhancing resilience

The post Cybersecurity: A global problem that requires a global answer appeared first on WeLiveSecurity

27 May 2022

Some QCT servers vulnerable to 'Pantsdown' flaw say security researchers

The vulnerability, now patched, was issued a critical severity score of 9.8.
26 May 2022

ESET Research Podcast: UEFI in crosshairs of ESPecter bootkit

Listen to Aryeh Goretsky, Martin Smolár, and Jean-Ian Boutin discuss what UEFI threats are capable of and what the ESPecter bootkit tells us about their evolution

The post ESET Research Podcast: UEFI in crosshairs of ESPecter bootkit appeared first on WeLiveSecurity

26 May 2022

Cybergang Claims REvil is Back, Executes DDoS Attacks

Cybergang Claims REvil is Back, Executes DDoS Attacks Actors claiming to be the defunct ransomware group are targeting one of Akami’s customers with a Layer 7 attack, demanding an extortion payment in Bitcoin.
26 May 2022

PCI DSS v4.0: A Regional Perspective from Brazil

 

After nearly six years with the PCI Security Standards Council (PCI SSC), Carlos Caetano, Associate Director for the LA Region of Brazil, has decided to take on a new challenge with another company. The Council would like to take this opportunity to thank Carlos for his outstanding service to our organization. Under his leadership, PCI SSC held successful Latin American Forums, created the Brazil Regional Engagement Board, and established relationships with new Participating Organizations in Brazil. Carlos has served as Chair of the PCI SSC Translations Committee and has been a terrific spokesperson for the Council. PCI SSC wishes him all the very best in his future endeavors.

25 May 2022

Link Found Connecting Chaos, Onyx and Yashma Ransomware

Link Found Connecting Chaos, Onyx and Yashma Ransomware A slip-up by a malware author has allowed researchers to taxonomize three ransomware variations going by different names.
25 May 2022

Zoom Patches ‘Zero-Click’ RCE Bug

Zoom Patches ‘Zero-Click’ RCE Bug The Google Project Zero researcher found a bug in XML parsing on the Zoom client and server.
25 May 2022